One of the world’s top computer security experts – Eugene Kaspersky – said this week that the virus has attacked a Russian nuclear reactor. As The Register notes:

The infamous Stuxnet malware thought to have been developed by the US and Israel to disrupt Iran’s nuclear facilities, also managed to cause chaos at a Russian nuclear plant, according to Eugene Kaspersky.

The revelation came during a Q&A session after a speech at Australia’s National Press Club last week, in which he argued that those spooks responsible for “offensive technologies” don’t realise the unintended consequences of releasing malware into the wild.

“Everything you do is a boomerang,” he added. “It will get back to you.”

***

“Unfortunately, it’s very possible that other nations which are not in a conflict will be victims of cyber attacks on critical infrastructure,” said Kaspersky.

Not finished there, Kaspersky also claimed to have heard from “Russian space guys” in the know that even machines on the International Space Station had been infected “from time to time” after scientists arrived aboard with infected USBs.

Watch for yourself:

Other security experts agree.

As British security website V3 – in an article entitled “Stuxnet: UK and US nuclear plants at risk as malware spreads outside Russia” – reports:

Experts from FireEye [background] and F-Secure [background] told V3 the nature of Stuxnet means it is likely many power plants have fallen victim to the malware ….

“It didn’t spread via the internet. It spread outside of its target due to a bug and so it started traveling via USB. Given the community targeted, I would not be surprised if other countries had nuclear plants with infected PCs,” he said.

Director of security strategy at FireEye, Jason Steer, mirrored Sullivan’s sentiment, adding the insecure nature of most critical infrastructure systems would make them an ideal breeding ground for Stuxnet.

***

Steer added the atypical way Stuxnet spreads and behaves, means traditional defences are ill equipped to stop, or even accurately track the malware’s movements.

“It’s highly likely that other plants globally are infected and will continue to be infected as it’s in the wild and we will see on a weekly basis businesses trying to figure out how to secure the risk of infected USB flash drives,” he said.